efab006c65d108e81e8849bd800828f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efab006c65d108e81e8849bd800828f7_JaffaCakes118
Size

252KB
MD5

efab006c65d108e81e8849bd800828f7
SHA1

a40788f49e2216dcd4cf2ad6be5d62239f4e699b
SHA256

f3720e2e721f238958f4405d2c6518d0089d4786acb4ceb6488334b059f2b156
SHA512

feedd2eaeda08100074bccac19c4390ffc2f320679fd41a9701c48855fedb61623eb935fba09c5358a892ea221cd057683752214ae7875baf612b93c6edf0a24
SSDEEP

3072:5tn5ymi8Eu11uZaLJbN2SQ3N7Do0JgT5SVtoaKGlD8yWC242UcdRCU4J4lg4E4tO:

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efab006c65d108e81e8849bd800828f7_JaffaCakes118

Files

efab006c65d108e81e8849bd800828f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb21ecb4548c6943a3a6db57a9aeaae2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord717
ProcCallEngine
ord644
ord100

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ